Tag: ssl

Unable to find valid certification path to requested target – error even after cert imported

I have a Java client trying to access a server with a self-signed certificate. When I try to Post to the server, I get the following error: unable to find valid certification path to requested target Having done some research on the issue, I then did the following. Saved my servers domain name as a root.cer file. In my Glassfish

Why does SSL handshake give ‘Could not generate DH keypair’ exception?

cryptography diffie-hellman java ssl

When I make an SSL connection with some IRC servers (but not others – presumably due to the server’s preferred encryption method) I get the following exception: Final cause: An example of a server that demonstrates this problem is aperture.esper.net:6697 (this is an IRC server). An example of a server that does not demonstrate the problem is kornbluth.freenode.net:6697. [Not surprisingly,

Trust Store vs Key Store – creating with keytool

java jce keytool ssl

I understand that the keystore would usually hold private/public keys and the trust store only public keys (and represents the list of trusted parties you intend to communicate with). Well, that’s my first assumption, so if that’s not correct, I probably haven’t started very well… I was interested though in understanding how / when you distinguish the stores when using

how to accept self-signed certificates for JNDI/LDAP connections?

java jndi ldap security ssl

I need to connect to an LDAP directory over SSL. In non-production environments, we use self-signed certificates which, of course, fails to validate with: I am aware of how to use a custom trust manager for SSL-enabled connections, but don’t know how to use one in connection with the JNDI API where I don’t manage the actual connection. That is,

How to extract CN from X509Certificate in Java?

java ssl x509 x509certificate

I am using a SslServerSocket and client certificates and want to extract the CN from the SubjectDN from the client’s X509Certificate. At the moment I call cert.getSubjectX500Principal().getName() but this of course gives me the total formatted DN of the client. For some reason I am just interested in the CN=theclient part of the DN. Is there a way to extract

How to ignore SSL certificate errors in Apache HttpClient 4.0

apache-httpclient-4.x java ssl

How do I bypass invalid SSL certificate errors with Apache HttpClient 4.0? Answer You need to create a SSLContext with your own TrustManager and create HTTPS scheme using this context. Here is the code,

Import PEM into Java Key Store

apache-mina java keystore pem ssl

I am trying to connect to an SSL server which requires me to authenticate myself. In order to use SSL over Apache MINA I need a suitable JKS file. However, I have only been given a .PEM file. How would I go about creating a JKS file from a PEM file? Answer First, convert your certificate in a DER format

How to import an existing X.509 certificate and private key in Java keystore to use in SSL?

activemq java jks jms ssl

I have this in an ActiveMQ config: I have a pair of X.509 cert and a key file. How do I import those two in order to use them in SSL and SSL+stomp connectors? All examples I could google always generate the key themselves, but I already have a key. I have tried but this only imports the certificate and